Feature: Auth - Authenticated session management API

  # Author: Mariac
  # Execution&Update History
  # |Date       |Owner      |Update/Execution Remark        |Comments                                               |
  # |3/9/2016   |Maria Chen |First Draft                    |The user profile id and token should be created           |
  ##################Generate User Token#####################
  @happy
  Scenario: Generate token with vaild user info
    When I send a POST request with user profile id "10000001" to "/auth/authenticated-session"
    Then the response status should be 200
    And the JSON response should be
      """
      {
      "token": "${json-unit.ignore}"
      }
      """

  @sad
  Scenario: Generate token with empty user info
    When I send a POST request with user profile id null to "/auth/authenticated-session"
    Then the response status should be 400
    And the error type should be "PARAMETER_INVALID"
    And the error message should be "userProfileId is empty!"

  @sad
  Scenario: Generate token with invalid user info
    When I send a POST request with user profile id "aasd23" to "/auth/authenticated-session"
    Then the response status should be 400
    And the error type should be "PARAMETER_INVALID"
    And the error message should be "userProfileId should be numeric!"

  ##################Get User Token#####################
  @test @happy
  Scenario: Get user profile id with generated token when user login
    Given user 10000002 has logged in
    When I send a GET request with token to "/auth/authenticated-session"
    Then the response status should be 200
    And the JSON response should contain key:value "userProfileId":"10000002"

  @sad
  Scenario: User logged out - The token should be invalid
    Given user 10000002 has logged in
    And user 10000002 has logged out
    When I send a GET request with token to "/auth/authenticated-session"
    Then the response status should be 403
    And the error message should be "Session invalided."

  @sad
  Scenario: Get user profile id with expired token
    When I send a GET request to "/auth/authenticated-session/1d0068d769046ae13e17d716592dcdc7993a1d8d"
    Then the response status should be 403
    And the error message should be "Session invalided."

  ##################Remove User Token#####################
  @happy
  Scenario: Remove user session with valid token
    Given user 10000005 has logged in
    When I send a DELETE request with token to "/auth/authenticated-session"
    Then the response status should be 200
    And the token is removed from memcached
